From ff0117a1a5dc29b97e11238f737d308b0aace7b6 Mon Sep 17 00:00:00 2001 From: dakkar <dakkar@thenautilus.net> Date: Tue, 5 Mar 2024 16:52:05 +0000 Subject: [PATCH 1/2] check prohibited words when creating notes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit some small differences (between Misskey and us) inside the `create` method made `git` put all the changes inside the `import` method… I thought I had copied them all, but I had missed one, and it's a pretty important one: prohibited words were not being checked! --- packages/backend/src/core/NoteCreateService.ts | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/packages/backend/src/core/NoteCreateService.ts b/packages/backend/src/core/NoteCreateService.ts index b985846f1c..631d7074bd 100644 --- a/packages/backend/src/core/NoteCreateService.ts +++ b/packages/backend/src/core/NoteCreateService.ts @@ -266,6 +266,16 @@ export class NoteCreateService implements OnApplicationShutdown { } } + const hasProhibitedWords = await this.checkProhibitedWordsContain({ + cw: data.cw, + text: data.text, + pollChoices: data.poll?.choices, + }, meta.prohibitedWords); + + if (hasProhibitedWords) { + throw new IdentifiableError('689ee33f-f97c-479a-ac49-1b9f8140af99', 'Note contains prohibited words'); + } + const inSilencedInstance = this.utilityService.isSilencedHost(meta.silencedHosts, user.host); if (data.visibility === 'public' && inSilencedInstance && user.host !== null) { @@ -299,7 +309,7 @@ export class NoteCreateService implements OnApplicationShutdown { } // Check blocking - if (data.renote && data.text == null && data.poll == null && (data.files == null || data.files.length === 0)) { + if (data.renote && !this.isQuote(data)) { if (data.renote.userHost === null) { if (data.renote.userId !== user.id) { const blocked = await this.userBlockingService.checkBlocked(data.renote.userId, user.id); @@ -1018,7 +1028,7 @@ export class NoteCreateService implements OnApplicationShutdown { removeOnComplete: true, }); } - + // Pack the note const noteObj = await this.noteEntityService.pack(note, null, { skipHide: true, withReactionAndUserPairCache: true }); -- GitLab From 29eea64d4638fd1cbe164b1cdd721b2e30836866 Mon Sep 17 00:00:00 2001 From: dakkar <dakkar@thenautilus.net> Date: Tue, 5 Mar 2024 16:54:31 +0000 Subject: [PATCH 2/2] update notes to make sure we remember to check import/create problems --- CONTRIBUTING.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index fefabc513d..50f323fab0 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -462,6 +462,8 @@ fix conflicts and *commit*! *after that commit*, do all the extra work, on the same branch: * copy all changes: + * from `NoteCreateService.create` to `NoteCreateService.import` (and + vice versa if `git` got confused!) * from `NoteCreateService` to `NoteEditService` * from `ApNoteService.createNote` to `ApNoteService.updateNote` * from `endoints/notes/create.ts` to `endoints/notes/edit.ts` -- GitLab